1155 matches found
CVE-2022-0322
A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS...
Design/Logic Flaw
A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS...
CVE-2022-0322
A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS...
CVE-2022-0322
A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS...
CVE-2022-0322
The CVE-2022-0322 entry concerns a flaw in the Linux kernel SCTP implementation. Specifically, in net/sctp/sm_make_chunk.c, the function sctp_make_strreset_req can trigger a BUG_ON when an operation uses more buffer than allocated, enabling local privilege access to cause a denial of service. Con...
CVE-2022-0322
A flaw was found in the sctpmakestrresetreq function in net/sctp/smmakechunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUGON issue, leading to a denial of service DOS...
Linux kernel 缓冲区错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer overflow vulnerability that originates from not properly validating data boundaries when net/ipv4/esp4.c and net/ipv6/esp6.c perform...
CVE-2020-25178
ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protocol unencrypted, which could allow a remote...
Linux kernel denial of service vulnerability (CNVD-2022-21542)
Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. Linux kernel is vulnerable to a denial-of-service vulnerability that stems from a memory leak in the ICMPv6 network protocol stack. An attacker could exploit the vulnerability by generating and sending...
.A flaw was found in the CAN BCM networking protocol in the Linux kernel where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root.
...
USN-5294-2: Linux kernel vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or...
USN-5299-1: Linux kernel vulnerabilities
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. CVE-2020-26147 It was discovered that the bluetooth...
USN-5294-2: Linux kernel vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Szymon Heidrich discovered that the USB Gadget...
USN-5295-2: Linux kernel vulnerabilities
It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-22600 Jann Horn discovered a race condition in the Un...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2022-1062)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Deserialization of untrusted data in Apache Cayenne
Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence ROP feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and...
EulerOS Virtualization 3.0.6.0 : curl (EulerOS-SA-2022-1062)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl 7.1.1 to and including 7.75.0 is vulnerable to an 'Exposure of Private Personal Information to an Unauthorized Actor' by leaki...
CVE-2022-24289
Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence ROP feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and...
CVE-2022-24289
CVE-2022-24289 describes a deserialization vulnerability in the Hessian component of Apache Cayenne’s Remote Object Persistence (ROP) for Cayenne 4.1 and earlier when running on non-current Java patches. An attacker with client access to Cayenne ROP can send a malicious payload to vulnerable thir...
CVE-2021-45998
D-Link device DIR882 DIR882FW1.30B06Hotfix02 was discovered to contain a command injection vulnerability in the LocalIPAddress parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted HNAP1 POST request...